/ home / sap / sap.sap_operations / 1.25.0 / module / hdbuserstore

sap.sap_operations.hdbuserstore (1.25.0) — module

Manage the HANA user store (HANA command hdbuserstore)

| "added in version" 1.0.0 of sap.sap_operations"

Authors: Ondra Machacek (@machacekondra)

Install collection

Install with ansible-galaxy collection install sap.sap_operations:==1.25.0

Add to requirements.yml

  collections:
    - name: sap.sap_operations
      version: 1.25.0

Description

Manage the HANA user store (HANA command hdbuserstore) Get and set HANA user store records.

Requirements

python >= 3.6

Usage examples

Scanned by Steampunk Spotter

- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword

Scanned by Steampunk Spotter

# NOTES:
# Variable binary_path is required if hdbuserstore command cannot be found in PATH environment variable.
# If running ansible module using become directive with <hanasid>adm user and flag '-i' (interactive - meaning load all environment for the user)
# ansible modules fail. This is due to the fact that <hanasid>adm user sets environment variables PYTHONHOME and PYTHONPATH (to use HANA python,
# not platform python) that confuse ansible.
#
# In that case hdbuserstore command will not be in PATH environment variable for <hanasid>adm user and I(binary_path) has to be provided.
#
# There are several workaround around this unpleasant situation. One is recommended.
#
# Workaround 1 (recommended)
#
# Run hdbsuserstore module with <hanasid>adm user with '-i' (interactive) flag like so
- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
  become: true
  become_user: <hanasid>adm
  become_flags: -i
  vars:
    ansible_python_interpreter: "/usr/libexec/platform-python -E"

Scanned by Steampunk Spotter

# Option '-E' for python interpreter will ignore all PYTHON\* environment variables, so ansible will run platform python without any problems.
# Variable I(ansible_python_interpreter) have to be set to value "/usr/libexec/platform-python -E" on all RHEL versions for any ansible module
# execution when becoming <hanasid>adm user with flag '-i'.
#
# ansible_python_interpreter: "/usr/libexec/platform-python -E" can be set at task level (as above), at play level like so
# Or be set as host variable either in inventory file or as task in playbook:
- name: Converge
  hosts: all
  gather_facts: false
  become: true
  become_user: hanadm
  become_flags: -i
  vars:
    ansible_python_interpreter: python -E

  tasks:
    - name: Environment for SAP HANA
      set_fact:
        ansible_python_interpreter: "/usr/libexec/platform-python -E"

Scanned by Steampunk Spotter

# Workaround 2
#
# Do not use interactive flag when becoming <hanasid>adm user.
- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
    binary_path: "/usr/sap/HAN/SYS/exe/hdb"
  become: true
  become_user: <hanasid>adm

Scanned by Steampunk Spotter

# In that case hdbuserstore command will not be in PATH environment variable for <hanasid>adm user and I(binary_path) has to be provided.
#
# Workaround 3
#
# Do not use interactive flag when becoming <hanasid>adm user. But do not want to provide value for variable I(binary_path).
#
# In that case value for I(binary_path) can be extracted from HANA parameter DIR_EXECUTABLE that one can get with I(parameter_info) module:
- name: Get DIR_EXECUTABLE
  sap.sap_operations.parameter_info:
    instance_number: "00"
    name: DIR_EXECUTABLE
  become: true
  become_user: <hanasid>adm
  register: __DIR_EXECUTABLE

Scanned by Steampunk Spotter

- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
    binary_path: "{{ __DIR_EXECUTABLE.parameter_value[0] }}"
  become: true
  become_user: <hanasid>adm

Inputs

    
env:
    description: 'Database location (host:port).

      Required only if C(state=present)

      '
    type: str

key:
    description:
    - Manage the I(key).
    required: true
    type: str

force:
    default: false
    description: 'If I(true) the key will be updated even if already exists. Used to update
      password.

      If set to I(false) (default value) module will return OK, but will not update the
      key, key will be created only if it does not exists

      '
    type: bool

state:
    choices:
    - present
    - absent
    default: present
    description:
    - If I(present) the key will be created, removed otherwise.
    type: str

password:
    description: 'Password for the hdb store username.

      Required only if you set new key, state=present

      '
    type: str

username:
    description: 'Username for the hdb store

      Required only if you set new key, C(state=present)

      '
    type: str

binary_path:
    default: ''
    description: 'Custom path of the I(hdbuserstore) binary.

      Variable I(binary_path) is required if hdbuserstore command cannot be found in PATH
      environment variable (with user running the module).

      See examples section to find several ways not to provide value for this variable.

      '
    required: false
    type: str

Outputs

env:
  description: HDB env name
  returned: When state is C(present)
  sample: myenv
  type: str
key:
  description: HDB key name
  returned: always
  sample: mykey
  type: str
username:
  description: HDB username for key
  returned: When state is C(present)
  sample: myusername
  type: str